CVE-2021-3473
Published Apr 13, 2021
Last updated 4 years ago
Overview
- Description
- An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator (LXCA) is used to perform the backup/restore. The backup/restore password typically exists in this internal log buffer for less than 10 minutes before being overwritten. Generating an FFDC service log will include the log buffer contents, including the backup/restore password if present. The FFDC service log is only generated when requested by a privileged XCC user and it is only accessible to the privileged XCC user that requested the file. The backup/restore password is not captured if the backup/restore is initiated directly from XCC.
- Source
- psirt@lenovo.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.9
- Impact score
- 3.6
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:xclarity_controller:6.00_cdi370q:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78EECA5F-3439-4E53-AD24-1E93F215E2C9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx1320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E72B2526-8BD9-49FD-BDCF-B654BCEAC8AE"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx2320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "562D18F3-5241-4B0B-AC5A-093795AE057B"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "03D3EBE9-34C1-45CA-A800-B313110409DC"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3375:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E8126219-A07C-42A6-9553-B6AE499DB6BF"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3520-g:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B9D354C3-0183-42D9-97D0-C9888B023195"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3720:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9C38326D-97DD-4A6B-985F-968570528C19"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx5520:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8A9FDCC0-F45C-4AA1-BB11-0761A25BF16B"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx7520:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "16776C5F-CCAF-4F22-B570-FE49A0B73FF7"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx7820:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DA2540A2-1462-42F7-949C-9881544DE684"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_mx_certified_nodes:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "39169F30-ACE5-48EC-9D51-34C8F52D33C1"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_1u:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C61CA8EA-F59F-4BB3-963A-163FE450A052"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_2u:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "663D3BA7-F1A9-4EC5-8D31-0FC9AEEF337E"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_dense:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9E560B9E-CF34-42F5-83E3-21F50E459EF6"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr530:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F4C6628A-8A99-4841-A7C5-0445A03C638D"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr570:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8A7C5BE3-5429-46B0-B0B5-C86A9B6376A7"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr590:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A3DC615C-A88A-4C45-892F-77C5E84104E8"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr630:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D7F10C8D-C9C7-4FAD-980D-7A602C8BE81D"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr650:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C6C2B5BB-6E1F-4E01-AAE8-A8239AB8945E"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_st550:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A5B19107-5B45-4E45-8B34-90B5A1FF3962"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_st558:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "30CFA6D5-7D07-4BFF-8AD2-DE591EDE0186"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:xclarity_controller:1.10_tgbt12q:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F5151FA-DA37-475F-A748-DBDCE8EC14EB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx1320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E72B2526-8BD9-49FD-BDCF-B654BCEAC8AE"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx2320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "562D18F3-5241-4B0B-AC5A-093795AE057B"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "03D3EBE9-34C1-45CA-A800-B313110409DC"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3375:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E8126219-A07C-42A6-9553-B6AE499DB6BF"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3520-g:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B9D354C3-0183-42D9-97D0-C9888B023195"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3720:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9C38326D-97DD-4A6B-985F-968570528C19"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx5520:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8A9FDCC0-F45C-4AA1-BB11-0761A25BF16B"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx7520:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "16776C5F-CCAF-4F22-B570-FE49A0B73FF7"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx7820:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DA2540A2-1462-42F7-949C-9881544DE684"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_mx_certified_nodes:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "39169F30-ACE5-48EC-9D51-34C8F52D33C1"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_mx1020:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FF0E5EF6-2664-4DEC-BD90-BF3128DC9DA6"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_1u:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C61CA8EA-F59F-4BB3-963A-163FE450A052"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_2u:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "663D3BA7-F1A9-4EC5-8D31-0FC9AEEF337E"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_dense:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9E560B9E-CF34-42F5-83E3-21F50E459EF6"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_se350:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FD4B877C-8D19-4AD2-948D-ADBD9B1BEEED"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr670:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BF1664DE-A6AE-4365-A652-80CEFECB62DE"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr850p:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2A833BF2-DD7B-4A09-AAB8-14C0C7C5DE10"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:xclarity_controller:2.14_psi338i:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1225B77-7799-4365-8BF2-FE61404F4BA7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr950:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B6B0407D-D603-48AE-9A42-F4C68056E19D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:xclarity_controller:4.40_tei3b2p:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77357A60-44C5-4988-926A-470F54F0FA70"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx1320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E72B2526-8BD9-49FD-BDCF-B654BCEAC8AE"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx2320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "562D18F3-5241-4B0B-AC5A-093795AE057B"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "03D3EBE9-34C1-45CA-A800-B313110409DC"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3375:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E8126219-A07C-42A6-9553-B6AE499DB6BF"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3520-g:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B9D354C3-0183-42D9-97D0-C9888B023195"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx3720:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9C38326D-97DD-4A6B-985F-968570528C19"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx5520:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8A9FDCC0-F45C-4AA1-BB11-0761A25BF16B"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx7520:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "16776C5F-CCAF-4F22-B570-FE49A0B73FF7"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx7820:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DA2540A2-1462-42F7-949C-9881544DE684"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_1u:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C61CA8EA-F59F-4BB3-963A-163FE450A052"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_2u:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "663D3BA7-F1A9-4EC5-8D31-0FC9AEEF337E"
},
{
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_dense:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9E560B9E-CF34-42F5-83E3-21F50E459EF6"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sd530:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2588DA2E-6E58-4FA2-9AA6-FC669C042197"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sd650:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7A1FF5D0-CC08-42B0-9798-55ED911B3EF6"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sn550:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5DB64709-93BA-43D8-A1DB-4CE405291430"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sn850:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1DB0C393-2CB4-485F-93E2-2F28B19F9325"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr150:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C6334030-07E4-45F4-A233-4A37F77FC573"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr158:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D94182EE-10FE-4506-BDE0-06F4140923FC"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr250:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C5B52AC1-714E-4217-8599-80D99E0D33B3"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr258:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DB19D273-4975-4957-AE94-117B607CD746"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr850:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "19771143-D5F1-4F2F-AB83-09913894681E"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_sr860:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EAF08144-ECCB-477B-A934-E4578522BFEE"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_st250:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DBF2350D-34B1-44DB-8E4A-6F29B37D96CF"
},
{
"criteria": "cpe:2.3:h:lenovo:thinksystem_st258:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "089F97B1-FEDE-4A5D-91D3-0517E8D39174"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]